Industry-leading whitepapers, buyers guides
and analyst reports


We're constantly creating whitepapers, trend articles and tip sheets to keep you up to date on the state of security. We also produce buyers guides to help you select the best security products to meet your needs. And we offer you free versions of analyst reports—so you know what independent experts are saying about us.

CryptoLocker, CryptoWall and Beyond: Mitigating the Rising Ransomware Threat

While ransomware has existed for many years, this category of malware re-emerged in September 2013 in a form that is far more effective and dangerous. As criminals have learned how to construct and distribute highly effective ransomware, they have built multi-million-dollar enterprises based on victimizing individuals and organizations. In this whitepaper, Sophos reviews the evolution and current state-of-the-art in ransomware, from CryptoLocker to CryptoWall and beyond.

The Forrester Wave: Endpoint Encryption

Download this report to evaluate and select the right security vendor for your business’ endpoint encryption needs and to learn why Forrester considers Sophos a leader.

Wireless network security: A how-to guide for SMBs

Wi-Fi networks are a requirement for doing business today. However, business Wi-Fi networks are more complex than home Wi-Fi networks. They must support visitors and contractors as well as employees – all of whom need varying levels of access. Without proper access controls anybody and everybody can connect to the network, putting sensitive data at risk.

Firewall Buyers Guide

This guide provides an overview of what to consider when selecting your next network firewall, including information on the features available and questions to ask your vendors. Use it to identify the right solution for your organization.

Gartner Magic Quadrant for Enterprise Mobility Management

Gartner has placed Sophos in the Visionary Quadrant in the 2014 Magic Quadrant for Enterprise Mobility Management. Find out how Sophos stacks up against the competition.

Miercom Comparative Test Results: UTM Appliances

Network experts, Miercom, have run extensive tests comparing firewall performance in the most common day-to-day scenarios.  Read this report to see how Sophos, Fortinet, Dell SonicWALL and WatchGuard all stack up in independent tests.

Regulations and Standards: Where Encryption Applies

Organizations of all sizes face a number of industry and regulatory compliance mandates. Whether it’s PCI DSS, SOX, HIPAA or FISMA, these regulations are changing to accommodate the ever-growing threat to sensitive data. This whitepaper describes the different types of data under regulation and offers best practices for implementing appropriate encryption technologies.

Simple Security Is Better Security

In this paper we’ll examine the inherent complexity of enterprise-class security products and the very different needs of smaller organizations. Then we’ll look at a simpler alternative: cloud-based endpoint security.

EU Data Protection Regulation Proposals

Download this whitepaper to learn what the new EU-wide General Data Protection Regulation reform proposals will mean to global companies and how compliance can be achieved. And see how Sophos SafeGuard Encryption protects your company without impacting user workflow or draining IT resources.

Adding Extra Security to Cloud Storage

Many companies take a restrictive approach to public storage services such as Dropbox by applying web filtering to block access or by applying application controls to prevent cloud storage applications from being installed. This whitepaper focuses on applying data encryption everywhere to enable users to manage access to the cloud without placing data or businesses at risk.

Encryption Buyers Guide

This guide details the capabilities to look for when evaluating endpoint encryption solutions. It’s separated into specific encryption features – full-disk encryption, file and folder encryption, mobile, etc. – for ease of use. It also includes key questions to ask vendors to help you identify which solution best meets your requirements.

Protecting Data Everywhere with SafeGuard Enterprise

How do you extend your data protection policies to secure data wherever it’s stored instead of just securing particular devices? This paper explores developments in data protection and how our SafeGuard Enterprise solution can help you protect data everywhere.

Protecting Your Roaming Workforce With Cloud-Based Security

Remote and roaming workers are constantly checking email, downloading data, and staying productive. This paper looks at the security challenges posed by employees working beyond the company's secure perimeter, and proposes a transition to a cloud-based security service.

Advanced Persistent Threats: Detection, Protection and Prevention

This paper is designed to give you an overview of the common characteristics of advanced persistent threats (APTs), how they typically work, and what kind of protection is available to help reduce the risk of an attack.

Managing BitLocker With SafeGuard Enterprise

This whitepaper explains how Sophos SafeGuard Enterprise secures your data wherever it’s stored; and how it allows you to support diverse platforms and encryption products including BitLocker.

Mobile Device Management Buyers Guide

In this guide we walk you through the factors you need to consider to find a mobile device management solution that best fits your needs. See how Sophos ranks compared to AirWatch, MobileIron, Good Technology and Symantec Mobile Management.

Two Great Ways to Protect Virtual Machines From Malware

This paper aims to help IT professionals, including security and virtualization specialists, to understand and choose between two modern approaches to securing virtual environments: agentless scanning using vShield Endpoint and client-based scanning optimized for virtual platforms.

Security Threat Report 2014

Since our last report, malware and related IT security threats have grown and matured. Malicious code authors are far more adept at camouflaging their work—using the dark parts of the Internet—creating new threats that are smarter, shadier and stealthier.

A Manager's Guide to Unified Threat Management and Next-Gen Firewalls

The concept of unified threat management (UTM) is very appealing: multiple critical security technologies, integrated on a single platform, provided by a single vendor. But the process of evaluating UTM options is not simple. This guide is intended to help executives and managers evaluate UTM systems.

Seven Keys to Securing Your Growing Business

How can you secure your assets and intellectual property, protect employees and valuable customer data—and do it easily? In this paper, we provide clear guidelines for business owners to identify a cloud-based security solution that is simple to use, eases growing pains and hardens security.

Five Stages of a Web Malware Attack

Today’s web attacks are extremely sophisticated and multi-faceted, motivated by a massive underground economy that trades in compromised computers and user information. This paper shows you how modern web attacks work, broken down into five stages, from entry through execution.

Don't Let Data Loss Burn a Hole in Your Budget

This paper guides you through the steps necessary to implement a practical data loss prevention (DLP) strategy. We’ll start by quickly looking at what’s driving data loss prevention and the consequences of data loss. We’ll then provide practical implementation advice.

Who's Snooping on Your Email?

In this whitepaper we’ll help you navigate today’s threats to email security. We’ll explain the obstacles to compliance, and show you why you need a secure email gateway that offers more than just encryption.

Gartner Magic Quadrant for Mobile Data Protection

The Gartner Magic Quadrant for Mobile Data Protection offers independent research and analysis of the top vendors in the encryption market.

TMG Replacement Guide

Microsoft has quietly brought its Forefront Threat Management Gateway (TMG) to a dead end. This TMG Replacement Guide reviews some of Microsoft TMG’s key features—and explains how Sophos Unified Threat Management can be a clear path forward and improve your network protection.

Not Just for PCs Anymore: The Rise of Mobile Malware

Download this whitepaper to get a close look at the fast-moving threat of mobile malware: how and why it’s arisen, what forms it takes, where it stands, where it’s headed, and what you can do about it.

Your CEO Wants to Connect a New Device to the Corporate Network. Now What?

Download this whitepaper to understand the key challenges, risks, and rewards of BYOD. And find out how you can make securing your network against the threats simple with a mobile device management strategy.

Your Company Data, Their Personal Device—What Could Go Wrong?

Employee use of smartphones and tablets to access corporate information and services is exploding. And that means IT organizations need to get beyond widely-held myths about improving their mobile security profile. Warning: Failure to do so is not an option.

Gartner Magic Quadrant for Unified Threat Management

The Gartner Magic Quadrant for Unified Threat Management offers independent research and analysis of the top vendors in the UTM market. Get the full report to find out why we're a Leader.

Taking Control of Your Smartphones, Laptops, and Tablets

Mobile devices introduce a threat to your data security, whether they are company-owned or employee-owned (what we call BYOD). This whitepaper will help you create a plan for locking down data stored on those devices and keeping them secure.

UTM Buyers Guide 

This buyers guide can help you in your search for the best UTM. It gives you a detailed product feature check list to help you identify and evaluate the security capabilities you need.

Choosing a Hosting Provider

Here are 10 questions you should be asking your hosting provider about features and services that will help to keep your site secure, covering general security practices, application security and operation of the site itself.

iPhone vs. Android vs. Windows Phone 8

The rising trend of mobility consumerization has reached a point where it is increasingly difficult for IT organizations to settle on a standard mobile device. This whitepaper will help you identify each device platform’s security features—and choose the right platform for your business.

Ransomware: Hijacking Your Data

Since 2011, users have increasingly seen messages warning that their computer is locked and demanding money in exchange for access to their PCs, purportedly from the FBI and police agencies. These are not the actions of law enforcement—but a type of malware called ransomware. Our experts at SophosLabs look in depth at ransomware variants and delivery mechanisms, and show how you can protect your data with a complete security strategy.

Mobile Madness or BYOD Security?

In this whitepaper, we briefly assess where Bring Your Own Device (BYOD) stands, where it’s headed, and your core challenges in implementing and managing it. Then, we turn to solutions, helping you build a comprehensive action plan for your BYOD success.

Endpoint Buyers Guide

We give you independent test results to answer your questions about the top endpoint vendors, including Kaspersky Lab, McAfee, Sophos, Symantec and Trend Micro.

Malware B-Z: Inside the Threat From Blackhole to ZeroAccess

This SophosLabs whitepaper provides insight into two of the most commonly used and technically capable pieces of crimeware, the Blackhole exploit kit and the ZeroAccess rootkit.

Sample Mobile Device Security Policy

One of the challenges facing IT departments today is securing both privately owned and corporate mobile devices, such as smartphones and tablet computers. This example policy, which you can adapt to suit your organization’s risk tolerance and user profile, is intended to act as a guideline for organizations that need to implement or update an existing mobile device security policy.

5 Tips for Securing Your Wireless Network

In this paper, we suggest best practices that can help administrators go beyond the basics of wireless security to provide advanced security, manageability and accessibility. We will also show how Sophos UTM Wireless Protection and related products help address these issues.

Four Data Threats in a Post-PC World

This whitepaper explains the risks of four new data threats: BYOD, mobile devices, cloud storage and social networks. And we explain how to manage the challenges successfully with tips and policies you can enact in your organization.

8 Threats Your Antivirus Won't Stop: Why you need endpoint security

This paper outlines eight common threats that traditional antivirus alone won't stop, and explains how to protect your organization using endpoint security.

BYOD Risks and Rewards

Although BYOD may be a convenience to your employees, you need to think about its impact on corporate security models. This whitepaper explains the risks and rewards of BYOD, and shows you how you can adopt BYOD in your workplace while protecting your data

Gartner Magic Quadrant for Endpoint Protection Platforms

The Gartner Magic Quadrant for Endpoint Protection Platforms offers independent research and analysis of the top vendors in the endpoint market.

The Forrester Wave: Endpoint Security

Learn why Forrester Research, Inc. positions Sophos as a leader in endpoint security, and why we think we’re the best vendor for your business' endpoint security needs.

Info-Tech Vendor Landscape: Endpoint Encryption 

Download this report to find out which endpoint encryption product meets your needs. And discover why Info-Tech ranks us Champions in the marketplace.

Fixing Your Dropbox Problem: How the Right Data Protection Strategy Can Help

This whitepaper explains the risks of consumer file-sharing services and the public cloud. And it gives you easy steps to take to protect your data and fix your Dropbox problem.

Buyers Guide to Web Protection

This buyers guide can help you in your search for the best web protection. It gives you detailed checklists to help you identify and evaluate the security capabilities you need.

Closing the Back Door on Network Application Vulnerabilities

Every organization with a website is vulnerable to web server attacks. In this paper we'll explain how you can close and lock the back door to your network, to keep malware out and your data safe.